Known Vulnerabilities for Joomla! by Joomla
Listed below are 10 of the newest known vulnerabilities associated with "Joomla!" by "Joomla".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23801 | An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS attack vector through SVG embedding in com_media. | 6.1 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23800 | An issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various ... | 6.1 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23799 | An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input b... | 9.8 - CRITICAL | 2022-03-30 | 2022-04-05 |
| CVE-2022-23798 | An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate validation of URLs could result int... | 6.1 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23797 | An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering on the selected Ids on an... | 9.8 - CRITICAL | 2022-03-30 | 2022-04-05 |
| CVE-2022-23796 | An issue was discovered in Joomla! 3.7.0 through 3.10.6. Lack of input validation could allow an XSS attack using com_fields. | 6.1 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23795 | An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authent... | 9.8 - CRITICAL | 2022-03-30 | 2022-04-05 |
| CVE-2022-23794 | An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length caus... | 5.3 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23793 | An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting a specifically crafted tar package c... | 7.5 - HIGH | 2022-03-30 | 2022-04-05 |
| CVE-2021-23123 | An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules ... | 5.3 - MEDIUM | 2021-01-12 | 2021-01-19 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Joomla | Joomla! | 4.0.0 | - | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha1 | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha10 | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha2 | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha3 | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha4 | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha5 | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha6 | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha7 | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha8 | All | All |
| Application | Joomla | Joomla! | 4.0.0 | alpha9 | All | All |
| Application | Joomla | Joomla! | 3.9.9 | All | All | All |
| Application | Joomla | Joomla! | 3.9.8 | All | All | All |
| Application | Joomla | Joomla! | 3.9.7 | All | All | All |
| Application | Joomla | Joomla! | 3.9.7 | - | All | All |
| Application | Joomla | Joomla! | 3.9.7 | rc | All | All |
| Application | Joomla | Joomla! | 3.9.6 | - | All | All |
| Application | Joomla | Joomla! | 3.9.6 | rc1 | All | All |
| Application | Joomla | Joomla! | 3.9.6 | rc2 | All | All |
| Application | Joomla | Joomla! | 3.9.5 | - | All | All |